Category FILE
Started On 2014-07-03 13:01:49
Completed On 2014-07-03 13:03:31
Duration 102 seconds
Cuckoo Version 1.2-dev

Machine machine4
Label xpmachine4
Manager VirtualBox
Started On 2014-07-03 13:01:52
Shutdown On 2014-07-03 13:03:31

File Details

File name foto-sets.scr
File size 120832 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
CRC32 740A0148
MD5 916e17b30128d87303279bf6a75d855b
SHA1 097eb9d0dbbd64e554f6a6f673d64050a72bd953
SHA256 0c90f1a01e7b6bf889566cc0f229e9e679d1fd50d06426ad3b2a8ac627d704c9
SHA512 fb7f7ef2684375e3a9d36c14717d9842eb9fa9cf12557b888cfab87f0e3a7df892df16ef234b713a242995cba8b722a6ca2065645d01c5926f87a214d0bd864c
Ssdeep None
PEiD None matched
Yara None matched
VirusTotal Scan Date 2014-07-03 10:44:16
VirusTotal Detection Rate 2/53

Signatures

File has been identified by at least one AntiVirus on VirusTotal as malicious

Screenshots

Static Analysis

Version Infos

Sections

Imports

Strings

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

Behavior Summary

Files
  • C:\WINDOWS\system32
  • *.dll
  • C:\
  • C:\DOCUME~1\TDW\LOCALS~1\Temp\foto-sets.scr
  • C:\WINDOWS\system32\msiexec.exe
Mutexes Nothing to display.
Registry Keys Nothing to display.

Processes

foto-sets.scr PID: 588, Parent PID: 1796

msiexec.exe PID: 1872, Parent PID: 588

Volatility

Nothing to display.